Mail server and method for sending e-mails to their recipients

ABSTRACT

The present invention relates to a mail server for a network. The mail server has a sender part arranged to receive outgoing e-mails from users of the network and to send the received e-mails to their recipients. The sending part is arranged to copy at least some of the contents in the received e-mail to a storage. The sending part provides an amended e-mail based on the received e-mail, said amended e-mail comprising at least one pointer substituting the contents copied to the storage, said pointer pointing at said contents in said storage.

TECHNICAL FIELD

The present invention relates to e-mail communication. In particular, itconcerns a mail server for a private or public network.

It also relates to a network comprising said mail server and a methodfor sending e-mail in such network.

BACKGROUND

E-mail communication is today a widely spread communication means. Itprovides an important tool in the daily work in many businesses. Theamount of e-mails that are sent is steadily increasing. However, theincreased amounts of e-mails which are handled by company mail serversand by workers within companies cause problems. For example, it has beenreported decreasing effectiveness of employees in companies, if the mailserver is down. Further, mail boxes of the users have usually a limitedsize. When the size of the mail box has been exceeded, e-mail trafficcan be stopped. This causes heavy inconveniences for the user. This canalso be very frustrating. The user has no control over the size of theinbox, as he/she has no control over the amount of e-mails received andthe size of the received e-mails.

Further, privacy is weak, since the e-mails are generally not encrypted.

SUMMARY

One object of the present invention is to solve at least some of theproblems mentioned above.

This has been achieved by means of an improved mail server for anetwork. The mail server has a sender part arranged to receive outgoinge-mails from users of the network and to send the received e-mails totheir recipients. The sender part is further arranged to copy at leastsome of the contents in the e-mail to a storage and to provide anamended e-mail based on the e-mail, said amended e-mail comprising atleast one pointer substituting the contents copied to the storage, saidpointer pointing at said contents in said storage. Thereafter, theamended e-mail is sent to the recipient.

One advantage of the mail server described above is that the recipientsgain better control over the size of their inboxes, as the substantialcontents of the received e-mails are still stored at the sender's site.The receiver does not download the contents to his/her own computeruntil he/she activates the pointer. Further, the business case ofsending spam attachments will be reduced since the sender is keeping thecontents.

In accordance with one embodiment, the pointer is an address to datamanaged by a web server, a so called URL. Communication with saidaddress can be encrypted with HTTPS. Thereby the contents stored at thestorage server can be transmitted to the recipient over an encryptedtunnel. The term HTTPS indicates a secure HTTP connection.

In accordance with one embodiment, the sender part is arranged to sign,and possibly also encrypt the amended e-mail. The amended e-mail is forexample signed with a private key associated to the sender part. Theencryption is for example performed using a public key associated to therecipient of the e-mail.

The contents copied to the storage comprises in one example one or aplurality of attachments. Further, the sender part can be arranged tocopy the received outgoing e-mail itself with at least some of itscontents to the storage. Further, the contents copied to the storageserver can be encrypted for example using a key associated to therecipient

The mail server is usually also arranged to receive incoming e-mails.Accordingly, it has a receiver part arranged to receive incoming e-mailsand to forward the incoming e-mails to their recipients present in aprivate or public network served by said mail server.

In one example, the receiver part is arranged to amend the pointer inthe received e-mail so as to point at its destination via a proxy serverassociated with the mail server. If the communication is based on HTTPS,a secure tunnel can thereby be provided between a storage at the senderside and the proxy server. The contents at the tunnel endpoint in thestorage can thereby be downloaded to the proxy server through the secureconnection. If the contents are an e-mail, the proxy server can thenforward the e-mail to the mail server for further transmittal to therecipient.

The receiving part can be arranged to verify the mail server from whichan incoming e-mail originates and to, if the originating server isverified, amend the pointer in the received e-mail so as to point at itsdestination via the proxy server associated with the mail server.

The present invention also relates to a network comprising a mail serverand a plurality of clients served by said mail server, wherein the mailserver has a sender part in accordance with the above and storage inaccordance with the above.

The present invention further relates to a network comprising a mailserver, a plurality of clients served by said mail server, and a proxyserver. The mail server has a receiving part arranged to receiveincoming e-mails and to send the received e-mails to their recipientswithin the network. The proxy server is arranged to amend a pointer inthe received e-mail so that the pointer points at its destination viathe proxy server. Communication is for example encrypted with HTTPS, inwhich case the amended pointer defines the proxy server as one of thechannel endpoints for HTTPS.

The invention further relates to a method for sending e-mails from usersin a network and a method for receiving e-mails. Said methods havefeatures corresponding to those described above.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block scheme over a first private or public network and asecond private network in communication over the Internet.

FIG. 2 is a block scheme over a personal computer in one of the privateor public networks in FIG. 1.

FIG. 3 is a flow chart illustrating the operation of a mail server inthe first (sending) private or public network in FIG. 1.

FIG. 4 is a flow chart illustrating an example of the operation in thesecond (receiving) private or public network when e-mails are stored onthe storage server of FIG. 1.

FIG. 5 is a flow chart illustrating an example of the operation in thesecond (receiving) private or public network when attachments are storedon the storage server of FIG. 1.

FIG. 6 is a bock scheme showing an example of a sending part in at leastone of the mail servers in FIG. 1.

FIG. 7 is a block scheme showing an example of the storage server inFIG. 1.

FIG. 8 is a bock scheme showing an example of a receiving part in atleast one of the mail servers in FIG. 1.

DETAILED DESCRIPTION

In FIG. 1, a number of personal computers 102 a, 102 b, 102 c, 102 d ina first private network 101, for example a company or Internet ServiceProvider network, are connected to a first mail server 103. Thecommunication between the personal computers 102 a, 102 b, 102 c, 102 dand the first mail server 103 takes place for example using SMTP (SimpleMail Transfer Protocol). The first mail server 103 is associated with astorage sever 104 of the first private network 101. Both the first mailserver 103 and the storage server 104 of the first private network 101are available to the Internet 105.

A number of personal computers 102 e, 102 f, 102 g, 102 h in a secondprivate network 106, for example a company network, are associated witha second mail server 107. The communication between the personalcomputers 102 e, 102 f, 102 g, 102 h of the second private network 106and the second mail server 107 takes place for example using POP3 (PostOffice Protocol version 3). The second mail server 107 is associatedwith an e-mail storage proxy server 108 of the second private network106. Both the second mail server 107 and the e-mail storage proxy server108 are available to the Internet 105. Thus, data can be communicatedbetween the first mail server 103 and storage server 104 of the firstnetwork 101 and the second mail server 107 and e-mail storage proxyserver 108 of the second network 106 over the Internet 105.

In the herein described example based on use of a public and private key(PKI), both the first and second networks 101, 106 are in communicationwith one or a plurality of key servers 109. The key servers 109 arearranged to store the public keys of the users in the networks 101, 106.In one example, the first and second mail servers 103, 107 of the firstand second networks 101, 106 are arranged to provide the user's publickeys to the key server 109. In another example, the users themselvesprovide their public keys to the key server 109.

In this description, operations and means for sending e-mails aredescribed in relation to the first network 101 and operations and meansfor receiving e-mails are described in relation to the second network106. In practice, both networks have usually means for both sending andreceiving e-mails in the herein described manner.

In FIG. 2, the personal computers 202 of the first and second networks101, 106 are provided with means 210 for e-mail correspondence. Themeans for e-mail correspondence comprises in one example softwarearranged to support inclusion of attachment files in the e-mails. In oneexample, Microsoft Outlook or other commercially available software fore-mailing is installed on, or accessible by, the personal computers 202.The personal computers 202 are associated to one or a plurality ofusers. In one example, each user has a private key 211 on his/herpersonal computer. Accordingly, e-mails produced by the user on his/hercomputer can be digitally signed with the private key of that user. Thesigning is performed when the e-mail is sent. The public keys are storedin the key server 109, as described above in relation to FIG. 1.

In FIG. 3, the first mail server 103, acting as sender of e-mails in theherein described example, is arranged to receive e-mails in a step 312from the personal computers 102 a, 102 b, 102 c, 102 d of the firstprivate network 101. In the shown example, the first mail server 103 isarranged to verify the identity of the user in a step 313 beforeprocessing the incoming mail further. In one example, wherein thereceived e-mail is signed with the private key of the user who sent thee-mail, the verification is accomplished using the user's public key forauthentication of the user in known manner. In this example, the firstmail server 103 has stored thereon or access to public keys of the usersof the first network. The first mail server 103 is then arranged toprocess the received e-mails before transmittal to the recipient.

Accordingly, the first mail server 103 is arranged to determine whetherthe received e-mail is to be directly sent to the recipient or modifiedbefore transmittal in a step 314. In one example, the determination isbased on the size of the received e-mail. Accordingly, if the e-mailexceeds a predetermined size, then the e-mail is modified in the mannerdescribed below before transmittal. If on the other hand, the mail sizeis smaller than the predetermined size, the e-mail is possibly encryptedin a step 319 and thereafter sent directly to the recipient in a step321. In another example, the determination is based on the presence ofattachments in the mail. Accordingly, if the e-mail comprises one ormore attachments, then the e-mail is modified in the manner describedbelow before transmittal. If on the other hand, the e-mail does notcomprise any attachments, the e-mail is possible encrypted in the step319 and thereafter sent to the recipient in the step 321. Thedetermination can be based on a number of other parameters such as theidentity of the sender and/or receiver of the e-mail. The encryptionstep 319 of the e-mail is in one example performed using a public key ofthe final recipient of the e-mail (the recipient user). The public keyof the recipient user is available by means of the key server 109.

If it is determined in the step 314 that the e-mail is to be sentdirectly to the recipient in the step 321, possibly encrypted in thestep 319, the mail server is arranged to send the email further to therecipient without any modifications. The e-mail is in one example sentby SMTP e-mail transport over the Internet.

If it is determined that the e-mail is to be modified, the first mailserver 103 is arranged to perform at least some of the steps describedin the following with reference to FIG. 3.

In the herein described example, the first mail server 103 is arrangedto provide a copy of the received and verified e-mail in a step 315. Thereceived and verified e-mail comprises in one example no attachments. Inanother example, it comprises one or a plurality of attachments.Irrespective of which, the mail server is in one example arranged toencrypt the copy of the e-mail in a step 316. The copy of the e-mail isfor example encrypted in the encryption step 316 with the public key ofthe recipient user. The public key can be provided from the key serverdescribed above. The first mail server 103 is arranged to feed theencrypted e-mail copy to the storage server 104 in a step 317. In analternative example, the first mail server 103 is not arranged toperform the encryption step 316 so as to encrypt the copy before feedingit to the storage server 104. The storage server 104 can then bearranged to encrypt the copy for example using the public key of therecipient user.

Thus, the copy of the e-mail is stored on the storage server 104substantially in its original format encrypted with the public key ofthe recipient user. If the e-mail has been signed by the sending userusing a certificate-based method, the signature is in one example notremoved from the copy of the e-mail, stored at the storage server. Then,the sender and contents of the e-mail copy can be verified by therecipient user. The storage server 104 is in one example arranged toremove e-mails stored thereon based on preset criteria. In one example,the storage server is arranged to remove e-mails which have been storedthereon for a predetermined time period.

The first mail server 103 is further arranged to provide an amendedversion of the received e-mail for transmittal to the recipient. In theshown example, the mail server is arranged to perform amendments in afirst amendment step 318 of the incoming e-mail related to the contentsof the e-mail. In one example, the amendment involves a step 318 a ofremoving all contents from the e-mail (attachments and text written bythe sender). In another example the amendment involves a step 318 a ofremoving some of the contents from the e-mail, e.g. all attachments orall attachments of a predetermined format (such as pdf). The first mailserver 103 is further arranged to create a pointer to the copy of theoriginal mail stored on the storage server 104 in a step 318 b. Thepointer is then included in the amended e-mail. The pointer is forexample a web server address, a so called URL. In one example,communication with said web server address he is based on encryptionwith HTTPS. The amendment comprises in one example further includinginformation related to the removed subject matter in the amended e-mail.For example information related to attachments comprised in the originale-mail can be included. The information includes for example file size,creation date, file name, author etc.

In one example, the first mail server 103 is arranged to perform theamendment step 318 by removal and addition of information in theoriginally received mail. In an alternative example, the amendment isperformed by creating a new e-mail. Relevant parts of the original mailare then copied into the created mail and the new information (asdescribed above) is entered into the e-mail.

In the shown example, the first mail server 103 is arranged to performamendments of the incoming e-mail so as to be identifiable to the secondmail server 107 of the second private network. Accordingly, in oneexample amendments are performed related to the identity of the senderin a second amendment step 320. This amendment step 320 comprises in oneexample signing the amended e-mail with a private key associated to thefirst mail server 103. The associated public key is in one examplestored at the key server 109. In another example, the first server 103has sent the second mail server 107 its public key.

The first mail server 103 is arranged to send the amended email furtherto the recipient's mail server in the sending step 321. The e-mail is inone example sent by SMTP e-mail transport over the internet. In theexample illustrated in FIG. 3, the e-mail is encrypted in the encryptionstep 319 before the amendments are performed related to the identity ofthe sender in the step 320. The encryption step 319 for encryption ofthe e-mail is in one example performed using a public key of the finalrecipient of the e-mail (the recipient user). The public key of therecipient user is available by means of the key server 109.

The steps discussed above performed by the first mail server 103 are notnecessarily performed in the above described order.

In an alternative example, the first mail server 103 is not arranged tostore a copy of the received e-mail on the storage server 104. Instead,it is arranged to store attachments comprised in the received e-mail onthe storage server. In this case, it is possible for the recipient toverify that the received e-mail was forwarded by the first mail server103. However, it is not possible for the recipient to verify theoriginal sender of the attachment. The pointer described above,comprised in the modified e-mail, is in this alternative examplearranged to point at an attachment in the storage server. Accordingly,if the original e-mail comprises a plurality of attachments, the amendedmail comprises one pointer for each attachment. The attachments storedat the storage server is in one example encrypted with the public key ofthe recipient, as described in relation to the example described above,wherein the entire e-mail is stored on the storage server. In yet analternative example, both the copy of the received e-mail (with orwithout included attachments, if any) and the attachments are stored onthe storage server 104.

In the shown example in FIG. 7 the storage server 104 is arranged tostore both attachment files 738 and e-mails 739. In an alternativeexample, the storage server 104 is arranged to store either attachmentfiles 738 or e-mails 739.

In FIG. 6, a sending part 634 of the at least the first mail server 103comprises a verification unit 635 arranged to perform the step 313 ofverifying the user as described in relation to FIG. 3. The sending partcomprises also a copying unit 636 arranged to perform the steps ofproviding a copy 315 and feeding 317 the copy to the storage server. Thecopying unit 636 may also be arranged to perform the step 315 so as toencrypt the copy. The sending part comprises also an e-mail processingunit 637 arranged to process the received e-mail in accordance with atleast some of the steps 318-320 in FIG. 3 so as to provide an amendede-mail for transmittal to the recipient. The units of the sending part634 are to be seen as logical units which are implemented in softwareand/or hardware.

FIG. 4 describes an example, wherein the storage server 104 is arrangedto store a copy of the received e-mail (with or without attachments) onthe storage server 104. The second mail server 107, serving therecipient, is arranged to receive e-mails for example over SMTP from theInternet in a step 422. If the received e-mail is signed, the secondmail server 107 is then arranged to verify the identity of the firstmail server 103 from which the received e-mail was sent in a step 423.Accordingly, the digital signature of the first mail server 103 isverified. In an example, wherein the received e-mail is signed based ona public and private key, the first mail server 103 is verified againsta public key associated to the first mail server 103. In one example,the second mail server is arranged to provide the public key for thefirst mail server 103 from the key server 109 available over theInternet. In another example, public keys have been exchanged betweenthe mail servers 103, 107 of the associated first and second networks101, 106. If the identity of the mail server from which the receivede-mail originates is verified, the second mail server 106 is arranged toforward the e-mail to the recipient in the manner described below.

If the received and verified e-mail does not comprise a pointer, thereceiving mail server 107 is arranged to forward the e-mail directly tothe recipient in a step 432.

If, on the other hand, the received, and verified e-mail comprises apointer, and if the contents at which the pointer points is an e-mail,the following steps are performed by the second network 106. The secondmail server 107 is arranged to modify the pointer in a step 424 so thatit still points to the recipient user but through the secure e-mailstorage proxy server 108 of the recipient's network 106. The e-mail isthen sent to the mail-box of the recipient user in a step 425. Thee-mail is sent using the same transport as is usually used incommunication between the first and second mail servers 103. In analternative example (not illustrated), the computer of the recipientuser is arranged to modify the pointer so that it points to therecipient user through the secure e-mail storage proxy server 108. Inaccordance therewith, the second mail server 107 does not need to modifythe pointer in the step 424 before sending it to the mail-box of therecipient user in the step 425.

As the pointer (URL) provides a link to the sender's storage server 104,the recipient of the e-mail just has to click on the pointer. Inresponse to that, communication between the recipient and the storageserver 104 of the first private network 101 is started in steps 427, 428via the storage proxy 108. Thereby, the e-mail (with or withoutattachment(s)), at which the pointer points, can be downloaded to thecomputer of the recipient (or somewhere else in the recipient'snetwork). If the e-mail at which the pointer points is encrypted, anencryption program of the recipient is arranged to decrypt in a step 430the downloaded e-mail with his/her own private key. Further, theencryption program of the recipient is arranged to verify the digitalcertificate of the sender (user's certificate) associated to thedownloaded e-mail in a step 431.

If the pointer in the received e-mail is encrypted with HTTPS, a securetunnel is opened in a step 426. The tunnel endpoints are the storageserver 104 of the first network 101 and the proxy server 108 of thesecond network 106. The tunnel endpoints are in known manner specifiedin a HTTPS certificate accessible to the storage server 104 and theproxy server 108. The e-mail or attachment at which the pointer points,is then sent in a step 427 over the connection encrypted with HTTPS tothe receiver's proxy server 108. The proxy server 108 is then arrangedto send the received e-mail in a step 428 to the second mail server 107,which forwards the e-mail (including or not including attachment(s)) ina step 429 to the recipient. The encryption program of the recipient isarranged to decrypt the downloaded e-mail/attachment in a step 430 withhis/her own private key. Further, the e-mail program of the recipient isarranged to verify the signature of the sender (a user of the firstprivate network 106) associated to the downloaded e-mail in the step431. In order to enable decryption and verification, the personalcomputer 202 of FIG. 2 comprises in one example means for decryption andverification.

The operation of the recipient's network 106 is in FIG. 4 described inrelation to the herein described sender's network 101. However, therecipient's network 106 herein described can cooperate with any storageserver 104 arranged to store e-mails. In one example, the stored e-mailsare signed with the signature of the sender and/or encrypted. Theencryption is for example performed with a public key of the receiver.

In FIG. 8, a receiving part 840 of the at least the first second mailserver 107 comprises a verification unit 841 arranged to perform thestep 423 of verifying the sender as described in relation to FIG. 4. Thereceiving part 842 comprises also a pointer amendment unit 842 arrangedto perform the step 424 of modifying the pointer in FIG. 4 beforetransmittal of the e-mail to the recipient. The units of the receivingpart 840 are to be seen as logical units which are implemented insoftware and/or hardware.

FIG. 5 describes an example, wherein the storage server 104 is arrangedto store attachments on the storage server 104. The receiving mailserver 107 is arranged to forward the e-mail in a step 525 directly tothe recipient irrespectively whether the received (step 522) andverified (step 523) e-mail comprises a pointer or not. As the pointer(URL) provides a link to the sender's storage server 104, the recipientof the e-mail just has to click on the pointer. In response to that,communication between the recipient and the storage server 104 of thefirst private network 101 is started. Thereby, the attachment at whichthe pointer points, can be downloaded to the computer of the recipient(or somewhere else in the recipient's network) in a step 533. If thepointer uses HTTPS, the downloading is performed in the encrypted tunnelprovided by HTTPS in a step 526. If the attachment itself is encrypted,an encryption program of the recipient is arranged to decrypt thedownloaded attachment with his/her own private key in step 530. Further,the encryption program of the recipient is in the illustrated examplearranged to verify (step 531) the digital signature of the sender(user's certificate) associated to the downloaded attachment.

In the description above, encryptions are performed using any encryptionmethod based on the use of a public and private key (PKI). However, alsoother encryption methods can be used, for example those relying onstorage of keys by a trusted part.

1. A mail server for a network comprising: a sender part to receiveoutgoing e-mails from users of the network, send the received e-mails totheir recipients, copy at least some of the contents in the receivede-mail to a storage, and provide an amended e-mail based on the receivede-mail, said amended e-mail comprising at least one pointer substitutingthe contents copied to the storage, said pointer pointing at saidcontents in said storage.
 2. The mail server according to claim 1,wherein the pointer is a web server address.
 3. The mail serveraccording to claim 2, wherein communication with said web server addressis encrypted with hypertext transfer protocol secure (HTTPS).
 4. Themail server according claim 1, wherein the sender part signs the amendede-mail.
 5. The mail server according to claim 4, wherein the sender partsigns the amended e-mail with a key associated with the mail server. 6.The mail server according to claim 1, wherein the contents copied to thestorage comprises one or a plurality of attachments.
 7. The mail serveraccording to claim 1, wherein the sender part copies the receivedoutgoing e-mail at least some of the contents of the received outgoinge-mail to the storage.
 8. The mail server according to claim 1, whereinthe mail server verifies the identity of the sending user based on asignature associated to the received e-mail.
 9. The mail serveraccording to claim 1, wherein the mail server encrypts the copiedcontents to the storage.
 10. The mail server according to claim 9,wherein the mail server encrypts the copied contents with a keyassociated to the recipient.
 11. The mail server according to claim 1,further comprising: a receiver part to receive incoming e-mails and toforward the incoming e-mails to their recipients present in the networkserved by the mail server.
 12. The mail server according to claim 11,wherein the receiving part amends the pointer in the received e-mail soas to point at the destination of the pointer via a proxy serverassociated with the mail server.
 13. The mail server according to claim11, wherein the receiving part verifies the mail server from which anincoming e-mail originates and to, if the originating server isverified, amend the pointer in the received e-mail so as to point at thedestination of the pointer via a proxy server associated with the mailserver.
 14. A network comprising: a plurality of clients; a storage; anda mail server, coupled to the plurality of clients and the storage, andwherein the mail server comprises a sender part to receive outgoinge-mails from the clients and to send the received e-mails to theirrecipients, copy at least some of the contents in the received e-mail tosaid storage, and provide an amended e-mail based on the receivede-mail, said amended e-mail comprising at least one pointer substitutingthe contents copied to the storage, said pointer pointing at saidcontents in said storage.
 15. A network comprising: a plurality ofclients; and a mail server, coupled to the plurality of clients, whereinthe mail server comprises a receiving part to receive incoming e-mails,and send the received e-mails to their recipients within the network, aproxy server to amend a pointer in the received e-mail so that thepointer points at the destination of the pointer via the proxy server.16. The network according to claim 15, wherein the pointer is encryptedwith HTTPS and in that the proxy server is a channel endpoint for HTTPS.17. The network according to claim 15, wherein the mail server verifiesa mail server from which the received e-mail originates based on asignature included in the received e-mail.
 18. A method for sendinge-mails from users of a network to their recipients, comprising copyingat least some of the contents in the e-mail to a storage; and providingan amended e-mail comprising at least one pointer substituting thecontents copied to the storage, said pointer pointing at said contentsin said storage.
 19. The method according to claim 18, furthercomprising: providing the pointer in the form of a web server address;and communicating with said web server address based on HTTPS.
 20. Themethod according to claim 18, further comprising: signing the amendede-mail.
 21. The method according to according to claim 20, wherein theamended e-mail is signed with a key associated to the mail server. 22.The method according to claim 18, wherein one or a plurality ofattachments of the e-mail is copied to the storage.
 23. The methodaccording claim 18, wherein the e-mail with at least some of itscontents is copied to the storage.
 24. The method according to claim 18,further comprising: verifying the identity of the sending user based ona signature associated to the received e-mail.
 25. The method accordingto claim 18, wherein the copied contents are encrypted to the storage.26. The method according to claim 25, wherein the copied contents areencrypted with a key associated to the recipient. 27.-28. (canceled)